Subject: Re: RFC 1323 and
To: Jan Schaumann <>
From: Steven M. Bellovin <>
List: tech-net
Date: 09/10/2004 10:39:18
In message <>, Jan Schaumann writes:
>I just saw this message on German Usenet that, summarized, says:
>,----[ from usenet article ]
>| can't be reached without ever timing out.  The reason for
>| this is that a gateway throws away non-standard packets received from
>|  Reference:
>| "When the TCP timestamp option (RFC 1323) is used
>| the extra 12 bytes aren't taken into account when creating a packet so
>| the packet ends up being 12 bytes larger than the maximum segment size
>| announced by the correspondent host + 40 bytes for IP+TCP headers"
>| If the user uses
>|        sysctl net.inet.tcp.rfc1323=0
>| under OpenBSD or FreeBSD, the page is loaded normally.
>Without having investigated this at all, does anybody here know if that
>is actually the case and what, if anything, we can do about this?

I haven't verified the code; however, according to Section of 
RFC 1122, the complainant's interpretation of the spec is correct.  The 
actual segment size used must take into account the TCP option size.

		--Steve Bellovin,
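
The size accounting discussed above, as an added example that is not part of the original message and not taken from any BSD kernel: it parses the option bytes of a SYN, then compares the datagram size when the 12 timestamp bytes are ignored with the size when they are counted. The function names and the sample bytes are constructed for illustration; it assumes IPv4 without IP options and that the local host also offered timestamps, so they are in use on the connection.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct peer_opts { int mss; int timestamps; };

/* Constructed sample: option bytes of a SYN carrying MSS=1460, NOP, NOP, Timestamp. */
static const uint8_t sample_syn_opts[] = {
    0x02, 0x04, 0x05, 0xb4, 0x01, 0x01,
    0x08, 0x0a, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00 };

/* Walk the kind/length option list of a SYN. Returns 0, or -1 if malformed. */
int parse_syn_options(const uint8_t *opt, size_t len, struct peer_opts *out)
{
    out->mss = 536;              /* IPv4 default when no MSS option is sent */
    out->timestamps = 0;
    for (size_t i = 0; i < len; ) {
        uint8_t kind = opt[i];
        if (kind == 0) break;                    /* End of option list */
        if (kind == 1) { i++; continue; }        /* NOP padding */
        if (i + 1 >= len) return -1;             /* length byte missing */
        size_t olen = opt[i + 1];
        if (olen < 2 || olen > len - i) return -1;
        if (kind == 2) {                         /* MSS */
            if (olen != 4) return -1;
            out->mss = (opt[i + 2] << 8) | opt[i + 3];
        } else if (kind == 8) {                  /* Timestamp */
            if (olen != 10) return -1;
            out->timestamps = 1;
        }
        i += olen;
    }
    return 0;
}

/* Data bytes allowed per segment: the peer's MSS minus the option bytes
 * (NOP, NOP, 10-byte timestamp = 12) carried in every data segment. */
int max_payload(const struct peer_opts *p)
{
    return p->mss - (p->timestamps ? 12 : 0);
}

/* Size of the IPv4 datagram: 20 IP + 20 TCP + options + data. */
int datagram_size(int payload, int optlen) { return 40 + optlen + payload; }

int main(void)
{
    struct peer_opts p;
    if (parse_syn_options(sample_syn_opts, sizeof sample_syn_opts, &p) != 0) return 1;
    printf("peer MSS %d, limit %d\n", p.mss, p.mss + 40);
    printf("options ignored:  %d bytes\n", datagram_size(p.mss, 12));
    printf("options counted:  %d bytes\n", datagram_size(max_payload(&p), 12));
    return 0;
}
```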